Support STIX 2.1 EXISTS operator

[pcoccoli]

Is your feature request related to a problem? Please describe.
STIX 2.1 introduced a unary EXISTS operator:
https://docs.oasis-open.org/cti/stix/v2.1/os/stix-v2.1-os.html#_t11hn314cr7w

None of the stix-shifter modules support it.

Describe the solution you'd like
Each module should translate EXISTS to the appropriate query construct for their native queries.

Describe alternatives you've considered
If not supported, the error message form stix-shifter could suggest how to rewrite the pattern to accomplish the same thing. E.g. [EXISTS file:name] is equivalent to [file:name LIKE '%'] (I think).

Additional context

[mavam]

Are the semantics the same as "field is not null"?

[subbyte]

I think so, not sure what is the standard STIX pattern way of saying "field is not null".

[mavam]

Intuitively, EXISTS is the natural fit. It's listed as set operation, though, indicating that it's basically set membership. But I would argue that you could argue that field existence is some version of that.

Ultimately I'd go pragmatically: if we need to check whether a field is null, let's use the next-best thing, which is EXISTS. If there was a null, we could do x != null.